[USN-5359-1] rsync vulnerability
Severity
Medium
Affected Packages
2
CVEs
1
rsync could be made to crash or run programs if it received specially crafted network traffic.
Danilo Ramos discovered that rsync incorrectly handled memory when
performing certain zlib deflating operations. An attacker could use this
issue to cause rsync to crash, resulting in a denial of service, or
possibly execute arbitrary code.
Package | Affected Version |
---|---|
pkg:deb/ubuntu/rsync?distro=focal | < 3.1.3-8ubuntu0.3 |
pkg:deb/ubuntu/rsync?distro=bionic | < 3.1.2-2.1ubuntu1.4 |
- ID
- USN-5359-1
- Severity
- medium
- URL
- https://ubuntu.com/security/notices/USN-5359-1
- Published
-
2022-03-31T12:44:59
(2 years ago) - Modified
-
2022-03-31T12:44:59
(2 years ago) - Other Advisories
-
- ALAS-2022-1602
- ALAS-2022-1640
- ALAS2-2022-1772
- ALPINE:CVE-2018-25032
- ALSA-2022:1642
- ALSA-2022:2201
- ALSA-2022:7813
- ASA-202204-3
- DSA-5111-1
- ELSA-2022-1642
- ELSA-2022-2201
- ELSA-2022-2213
- ELSA-2022-4584
- ELSA-2022-4592
- ELSA-2022-8420
- ELSA-2022-9565
- FEDORA-2022-12b89e2aad
- FEDORA-2022-3a92250fd5
- FEDORA-2022-413a80a102
- FEDORA-2022-61cf1c64f6
- FEDORA-2022-b58a85e167
- FEDORA-2022-dbd2935e44
- FREEBSD:36D10AF7-248D-11ED-856E-D4C9EF517024
- FREEBSD:38F2E3A0-B61E-11EC-9EBC-1C697AA5A594
- FREEBSD:8E150606-08C9-11ED-856E-D4C9EF517024
- GLSA-202210-42
- GLSA-202405-22
- MS:CVE-2018-25032
- openSUSE-SU-2022:1061-1
- RHSA-2022:1642
- RHSA-2022:2201
- RHSA-2022:2213
- RHSA-2022:4584
- RHSA-2022:4592
- RHSA-2022:7813
- RHSA-2022:8420
- RLSA-2022:1642
- RLSA-2022:2201
- RUBYSEC:NOKOGIRI-2018-25032
- SSA:2022-087-01
- SSA:2022-228-01
- SUSE-SU-2022:1023-1
- SUSE-SU-2022:1043-1
- SUSE-SU-2022:1061-1
- SUSE-SU-2022:1061-2
- SUSE-SU-2022:1062-1
- SUSE-SU-2022:3225-1
- USN-5355-1
- USN-5355-2
- USN-5359-2
- USN-5739-1
- USN-6736-1
- USN-6736-2
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |